Security for Layer 7 protocols, such as, Session Initiation Protocol (SIP), email, File Transfer Protocol (FTP), Telnet, and Domain Naming Service (DNS) typically requires extra gateways, firewalls, or authentication mechanisms in order for the end user to authenticate to the Layer 7 application. The Layer 7 security mechanisms also add additional overhead on client, server, and network resources. For example, in addition to encrypting packets at the network layer, the same packets may also be encrypted at the application layer. In addition, the user may have to authenticate to the network and then authenticate again to the Layer 7 application.
One solution to this problem is to provide a single sign-on. This simplifies the access for the user. However, this does not eliminate the increased overhead required when encryption is provided on the network and for the Layer 7 application.
These existing solutions result in additional cost and increased user frustration because the user may have to have multiple passwords to access the network and the Layer 7 application. This problem may be further exacerbated if the user has multiple layer 7 applications that each require the user to login. Moreover, additional network resources are consumed to provide multiple layers of encryption. What is needed is a solution that provides a single login for both the network and any layer 7 applications while providing a single layer of encryption.